Author Archives: Phil Cox
RightScale Compute Preview: PCI-Compliant Apps in the Public Cloud
PCI compliance in the public cloud is a growing topic of concern and interest. Some people claim one can be a PCI-compliant merchant using a public IaaS cloud, while others say that’s impossible. I am a former Qualified Security Assessor … Continue reading
Posted in RightScale Conference
Tagged RightScale Compute, User Conference
AWS CloudHSM: Why You’ll Want It and What to Watch Out For
Security has been one of the top challenges in every survey on cloud computing in the last five years. Yet public cloud providers have continued to beef up their security offerings, and not everyone realizes how far providers have come … Continue reading
Posted in AWS, Cloud Management, Security
Tagged AWS, Cloud Computing, Security
Security Monitoring In Public IaaS: How We Do It at RightScale
In my experience helping RightScale customers who are at varying points in the cloud adoption spectrum from investigating IaaS to launching a POC to already using IaaS for production applications, I see quite a bit of confusion about how to … Continue reading
RightScale Enterprise Security Features Unleashed
We have been busy this summer working on a number of security- and governance-related features for our Enterprise Edition customers, who are typically large organizations that have well-defined internal user identity and compliance structures. With the latest RightScale release, we have … Continue reading
Posted in Security
Tagged API, Cloud Computing, Cloud Management, MultiCloud, Release, RightLink, Security
PCI Compliance in the Public IaaS Cloud: How I Did It
Over the past few years, I have heard many folks assert that one can be a PCI compliant merchant using public IaaS cloud and I have heard just as many state that it’s not possible. In retrospect, I have found most of them – … Continue reading
Posted in AWS, Cloud Computing, Cloud Management, Security
Tagged Compliance, PCI, PCI-DSS
12 Comments
RightLink Agent Security Features and Upgrading from V4 RightImages
A fundamental problem in Cloud management is “how do I get the remote instance to do what I want it to?”. Taking this task on for a few systems is doable with a number of techniques, making it scale for … Continue reading
Posted in Chef, EC2, Security
Tagged Cloud Management, RightImage, RightLink, RightScale, SSH
12 Comments
Applying Security Workarounds in the RightScale Universe
In a recent post I discussed some of the options for patch management in the RightScale platform, this time I will talk about what happens when a patch is not available through traditional patch channels from the vendor. This typically … Continue reading
Security Patching in the RightScale Universe
Security vulnerabilities happen, it is just a fact, not only in technology but in life in general. When we are made aware of those vulnerabilities, we need to “fix” things or mitigate them to the best extent possible. In IT, … Continue reading
Performing Security Testing in the Cloud
[This is Phil Cox's first blog post since he joined us as Director of Security and Compliance. We hope to have more from him to post in the near future! -Thorsten] Security testing is one aspect of a security program … Continue reading
